Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/LdmXaqG8LJbrTI9Cre_SOVeWyyY.roa
File: LdmXaqG8LJbrTI9Cre_SOVeWyyY.roa (raw, json)
Hash identifier: IZiZtBNehd4Rz+md/02VAII5VyYeugk149VUYtYAaO8=
Subject key identifier: 2D:D9:97:6A:A1:BC:2C:96:EB:4C:8F:42:AD:EF:D2:39:57:96:CB:26
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018CC348EDBF73F04DD36ACDED1B74946E20
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/LdmXaqG8LJbrTI9Cre_SOVeWyyY.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58431
IP address blocks: 5.226.176.0/21 maxlen: 24
178.237.166.0/23 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 17:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ed:bf:73:f0:4d:d3:6a:cd:ed:1b:74:94:6e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dd9976aa1bc2c96eb4c8f42adefd2395796cb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:53:14:e7:80:d2:ea:bd:7e:f6:53:41:17:90:
4d:1e:c0:e1:54:d6:4f:21:68:ff:e0:ed:17:ff:4a:
2d:0a:de:ec:20:bb:77:73:2a:6a:b6:c3:82:67:b4:
e1:cb:16:ba:0d:a6:20:6c:90:af:44:54:2b:28:5e:
12:11:76:78:4a:e0:2d:bb:e4:fd:d9:04:1a:03:1c:
7a:83:ec:e1:ca:8b:8c:2f:72:d0:2f:52:01:c4:f6:
e6:c9:12:3c:53:c0:4b:78:7c:f3:70:5c:19:11:92:
cf:23:5b:a0:40:4c:a8:39:e1:68:2c:1e:ca:b3:c6:
78:70:47:60:d3:b7:53:e0:e6:ec:d5:5c:21:c2:35:
14:c8:3c:07:4a:40:b8:a7:b6:8c:81:d7:83:9c:2f:
ab:67:15:28:91:4b:1f:e9:90:5c:07:26:f2:01:6e:
33:c2:04:b7:71:6e:18:5b:7d:91:1c:49:43:9d:4c:
79:e1:24:3d:dc:5a:1a:8f:c4:c9:8a:6f:09:8e:ed:
56:f2:cb:74:d6:c5:52:16:8d:0e:10:e0:44:ad:a5:
4f:16:10:4c:0e:7f:39:ba:d7:77:9d:c6:48:f2:05:
c9:b4:dc:d0:6a:10:6e:71:96:27:32:83:a6:6b:cc:
f2:a4:2c:8d:25:2c:35:97:b8:af:02:94:ed:3d:90:
04:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D9:97:6A:A1:BC:2C:96:EB:4C:8F:42:AD:EF:D2:39:57:96:CB:26
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/LdmXaqG8LJbrTI9Cre_SOVeWyyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
178.237.166.0/23
IPv6:
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
12:69:8d:f2:ee:64:9d:0b:a1:53:31:4d:63:21:d3:6a:7d:19:
6f:40:af:20:67:46:d1:d2:cb:a8:c0:d2:ae:a2:39:d7:81:3a:
a1:e4:d9:38:7c:65:1e:0a:dd:7f:2c:61:36:1d:72:98:e6:4d:
ac:e1:a9:c9:ee:cb:71:69:8c:83:c1:38:cc:f9:15:75:7f:7c:
bc:e9:72:f0:6e:a3:33:d7:1c:1b:b5:8f:61:27:01:2e:0b:dc:
d2:f3:23:99:95:f1:34:2e:47:d6:2f:42:c2:f8:a9:c9:3f:c8:
8e:04:8e:38:9f:b1:4c:fe:0a:06:60:7c:38:e1:66:68:42:d3:
e3:95:01:6f:62:32:ab:5b:44:19:d4:c4:0f:55:c2:e6:ce:e1:
f7:41:b7:56:e2:e1:64:3f:43:7c:9b:00:04:5d:45:3e:5f:c4:
3f:2a:64:db:a7:f0:34:2e:2d:38:d4:33:3d:3c:82:70:ed:51:
ea:b1:0a:1d:49:42:ed:00:c5:84:ae:9a:05:60:d3:d1:86:d7:
8d:52:40:c6:0f:92:bf:b4:e8:c9:c1:8d:f3:69:ce:1e:26:05:
78:d2:eb:83:14:0c:60:e3:27:bd:71:01:a1:b9:81:37:f2:63:
c9:01:aa:7e:59:45:a3:6e:d3:1d:2c:6c:c5:13:aa:6e:6f:42:
5e:18:27:13
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDSO2/c/BN02rN7Rt0lG4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ5OTc2YWExYmMyYzk2ZWI0YzhmNDJhZGVmZDIzOTU3OTZjYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVMU54DS6r1+9lNBF5BNHsDhVNZP
IWj/4O0X/0otCt7sILt3cypqtsOCZ7Thyxa6DaYgbJCvRFQrKF4SEXZ4SuAtu+T9
2QQaAxx6g+zhyouML3LQL1IBxPbmyRI8U8BLeHzzcFwZEZLPI1ugQEyoOeFoLB7K
s8Z4cEdg07dT4Obs1VwhwjUUyDwHSkC4p7aMgdeDnC+rZxUokUsf6ZBcBybyAW4z
wgS3cW4YW32RHElDnUx54SQ93Foaj8TJim8Jju1W8st01sVSFo0OEOBEraVPFhBM
Dn85utd3ncZI8gXJtNzQahBucZYnMoOma8zypCyNJSw1l7ivApTtPZAEhQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC3Zl2qhvCyW60yPQq3v0jlXlssmMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvTGRtWGFxRzhMSmJyVEk5Q3JlX1NPVmVXeXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDBeKwAwQB
su2mMA4EAgACMAgDBgAqA6hgCjANBgkqhkiG9w0BAQsFAAOCAQEAEmmN8u5knQuh
UzFNYyHTan0Zb0CvIGdG0dLLqMDSrqI514E6oeTZOHxlHgrdfyxhNh1ymOZNrOGp
ye7LcWmMg8E4zPkVdX98vOly8G6jM9ccG7WPYScBLgvc0vMjmZXxNC5H1i9Cwvip
yT/IjgSOOJ+xTP4KBmB8OOFmaELT45UBb2Iyq1tEGdTED1XC5s7h90G3VuLhZD9D
fJsABF1FPl/EPypk26fwNC4tONQzPTyCcO1R6rEKHUlC7QDFhK6aBWDT0YbXjVJA
xg+Sv7ToycGN82nOHiYFeNLrgxQMYOMnvXEBobmBN/JjyQGqfllFo27THSxsxROq
bm9CXhgnEw==
-----END CERTIFICATE-----
Generated at Sat May 4 00:13:02 2024 by rpki-client on console-fra.rpki-client.org